HOUSTON – The Federal Bureau of Investigation has issued a warning against a new type of scam circling the internet allowing cybercriminals to steal people’s paycheck straight from their direct deposit accounts.
According to the FBI, scammers will send an email posing as a human resources employee in order to obtain people’s login credentials.
Once they have access, scammers will log in to the payroll account and change the user’s bank information, turning off notifications alerting people of changes to their direct deposit information in the process, and reroute the money to an account controlled by the criminal, says the FBI.
The FBI is warning people and employers to keep high alert for emails that look like they could be from the human resources department.
If someone should come across one of these phishing emails, it is best to not click on any links, give any personal information or respond to the email, says the FBI. Instead, people are advised to forward suspicious requests to their IT or human resources department.
The FBI also suggests employers monitor activity for logins during non-business hours, and implement a two-step authentication process when handling sensitive information.